phogoldenpalace.com Open in urlscan Pro
198.252.98.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thedeliat601.com/
Effective URL:
http://phogoldenpalace.com/thedeliat601/
Submission: On March 07 via api (March 7th 2023, 4:58:42 am UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 42 HTTP transactions. The main IP is 198.252.98.66, located in United States and belongs to HAWKHOST, CA. The main domain is phogoldenpalace.com.

This is the only time phogoldenpalace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.38.91.55 198.38.91.55	23352 (SERVERCEN...) (SERVERCENTRAL)
11	198.252.98.66 198.252.98.66	20068 (HAWKHOST) (HAWKHOST)
8	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	104.20.218.77 104.20.218.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
42	10

1 198.38.91.55 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: mocha3034-web1.mochahost.com

thedeliat601.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 198.252.98.66 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.98.66-static.reverse.arandomserver.com

phogoldenpalace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	286 KB
11	phogoldenpalace.com phogoldenpalace.com	444 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	35 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947	696 B
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 14113 c.statcounter.com — Cisco Umbrella Rank: 9185	15 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	611 B
1	thedeliat601.com 1 redirects thedeliat601.com	249 B
42	9

	Domain	Requested by
11	phogoldenpalace.com	phogoldenpalace.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	phogoldenpalace.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	phogoldenpalace.com
1	thedeliat601.com	1 redirects
42	12

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://phogoldenpalace.com/thedeliat601/
Frame ID: 21A2DB6E20A39A9BA824AB0B71DD35DF
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Frame ID: F196E7F7B7DDFD974F883D65F0E6F280
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&h=90&slotname=8601752783&adk=3580464272&adf=2462321245&pi=t.ma~as.8601752783&w=728&lmt=1663041744&format=728x90&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&wgl=1&dt=1678165117659&bpp=4&bdt=203&idt=139&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5009975289007&frm=20&pv=2&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zBYQ9JaMEx&p=http%3A//phogoldenpalace.com&dtd=163
Frame ID: 08F45140DBBB8160B016AF51EB38C4A5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&adk=1812271804&adf=3025194257&lmt=1663041744&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&ea=0&pra=7&wgl=1&dt=1678165118014&bpp=6&bdt=558&idt=7&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd741c897552fd463-22ddfe2c47dd0092%3AT%3D1678165117%3ART%3D1678165117%3AS%3DALNI_MYM1nEvdWO7brxTDNm3I70U2PAHPA&gpic=UID%3D00000bc1288465cb%3AT%3D1678165117%3ART%3D1678165117%3AS%3DALNI_Ma1OMGqCxvwwkuhPaXFzbL_oz3xfw&prev_fmts=728x90&nras=1&correlator=5009975289007&frm=20&pv=1&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=53
Frame ID: 1AB46F203F08A2F26E693DBEE1078193
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 786DC56992BDB2D5E61BEDAF46DE1254
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: BAD6341562F0B613B9C07630880CEFB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9878447C033FF63CB6F36B9E5E0679A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45ABD920A9EB4FD8A1EF052ACB8FAE84
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Deli at 601

Page URL History Show full URLs

http://thedeliat601.com/ HTTP 302
http://phogoldenpalace.com/thedeliat601/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

74 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

10
IPs

4
Countries

832 kB
Transfer

1567 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thedeliat601.com/ HTTP 302
http://phogoldenpalace.com/thedeliat601/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
phogoldenpalace.com/thedeliat601/
Redirect Chain

http://thedeliat601.com/
http://phogoldenpalace.com/thedeliat601/

18 KB
5 KB

443ms
156ms

Document
text/html

198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: feb7ed4fc4eb8f3aa1a13f2b0846a5924c09f728be4be9836c6a9e1803784e6b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
accept-ranges: bytes
content-encoding: gzip
content-length: 4810
content-type: text/html
date: Tue, 07 Mar 2023 04:58:36 GMT
last-modified: Tue, 13 Sep 2022 04:02:24 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 224
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 07 Mar 2023 04:58:36 GMT
Keep-Alive: timeout=5, max=100
Location: http://phogoldenpalace.com/thedeliat601/
Server: Apache

GET
H/1.1 200
OK flexslider.css
phogoldenpalace.com/thedeliat601/ 5 KB
2 KB 163ms
156ms Stylesheet
text/css 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://phogoldenpalace.com/thedeliat601/flexslider.css
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e55afec4a2b29f66c7779d97a12321310839d618b96e41575106e8f31b27682f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: gzip
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1675
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 140ms
68ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a85739782da5be183fda88516e6f39eeeb4fc042c46d13f1efa498f8ffbc988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48289
x-xss-protection: 0
server: cafe
etag: 3305805601367876566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK 31a387c9bfcca40ee2659255780d92ad.jpg
phogoldenpalace.com/thedeliat601/imgs/sd/ 135 KB
135 KB 316ms
158ms Image
image/jpeg 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/imgs/sd/31a387c9bfcca40ee2659255780d92ad.jpg
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e0570935341d778d3c2b5bdf66a75c3680dad35f1b218af1f27ff6654b722d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Mon, 10 May 2021 04:53:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 138271
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK 54c6c6cd5d44f22bd35b3659d953e3db.jpg
phogoldenpalace.com/thedeliat601/imgs/sd/ 144 KB
144 KB 446ms
160ms Image
image/jpeg 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/imgs/sd/54c6c6cd5d44f22bd35b3659d953e3db.jpg
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: bc2fa6f1c31c7933104d40becbd80788082d4af8acc0f21614ecfc5e2249af1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Mon, 10 May 2021 04:53:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 147319
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK 73a70b6f573c753e5bda728d4489719c.jpg
phogoldenpalace.com/thedeliat601/imgs/sd/ 104 KB
105 KB 472ms
158ms Image
image/jpeg 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/imgs/sd/73a70b6f573c753e5bda728d4489719c.jpg
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 50a182c129ba542d8e71b69e5710893c94965dd03590428bf7ed307a93d45f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Mon, 10 May 2021 04:53:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 106684
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 43 KB
15 KB 72ms
16ms Script
application/javascript 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 15:17:46 GMT
server: cloudflare
age: 8493
etag: W/"6406041a-aba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a4043b0b9002c3a-FRA
expires: Tue, 07 Mar 2023 14:37:04 GMT

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
phogoldenpalace.com/thedeliat601/ 92 KB
37 KB 164ms
159ms Script
application/javascript 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://phogoldenpalace.com/thedeliat601/jquery-1.7.1.min.js
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: gzip
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 37229
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
phogoldenpalace.com/thedeliat601/ 42 KB
8 KB 286ms
161ms Script
application/javascript 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://phogoldenpalace.com/thedeliat601/jquery.flexslider-min.js
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: c44d74e6968fccb5562a352785a577c8c2272ee13e943f6ebe24baec31cda4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: gzip
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7857
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK main-top-boxed-light.png
phogoldenpalace.com/thedeliat601/shape/ 1 KB
2 KB 345ms
157ms Image
image/png 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/shape/main-top-boxed-light.png
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: a5853b65750013c11a408b1c799ecde3781424569704a0f7c70fff2acd1370c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1502
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK menu-flip-dark.png
phogoldenpalace.com/thedeliat601/core/ 1 KB
2 KB 181ms
157ms Image
image/png 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/core/menu-flip-dark.png
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: b3a62dfe15a8e53bbb3cdc966605dd5dd2c26314c77674a16cfa7c8b53aedfed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1343
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H/1.1 200
OK main-boxed-light.png
phogoldenpalace.com/thedeliat601/shape/ 175 B
499 B 181ms
157ms Image
image/png 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/shape/main-boxed-light.png
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 8f1230f73232b38895fc3d73cd00ec6834e1e83f702bc3d48becf76967d3fc9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 175
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
571 B 160ms
132ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12526290&u1=7234963513504FE50A9AA7885832B7EF&java=1&security=64a10814&sc_snum=1&sess=c5bd59&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//phogoldenpalace.com/thedeliat601/&t=The%20Deli%20at%20601&invisible=1&sc_rum_e_s=1122&sc_rum_e_e=1131&sc_rum_f_s=0&sc_rum_f_e=1064&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: http://phogoldenpalace.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 7a4043b179782c3a-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK content-bg.png
phogoldenpalace.com/thedeliat601/light/ 4 KB
4 KB 168ms
157ms Image
image/png 198.252.98.66
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://phogoldenpalace.com/thedeliat601/light/content-bg.png
Requested by: Host: phogoldenpalace.com
URL: http://phogoldenpalace.com/thedeliat601/
Protocol: HTTP/1.1
Server: 198.252.98.66 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.98.66-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 674261adf646c9b2a0eef6a05950e4460fe12c06e4864d235d9df07330eaf2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/thedeliat601/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
last-modified: Fri, 01 Jan 2021 22:10:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3943
expires: Tue, 14 Mar 2023 04:58:37 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 361 KB
119 KB 66ms
66ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9734887824857067&plah=phogoldenpalace.com&bust=31072649

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b93f3e66ffda87fab4b553ce103e1f0627a0676443fd8b0413e6ca8c98b73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121820
x-xss-protection: 0
server: cafe
etag: 4276456797318226947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 04:58:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/ Frame F196 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://phogoldenpalace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 21:45:47 GMT
etag: 2378337311435320485
expires: Mon, 20 Mar 2023 21:45:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
611 B 111ms
40ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=phogoldenpalace.com&callback=_gfp_s_&client=ca-pub-9734887824857067

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9734887824857067&plah=phogoldenpalace.com&bust=31072649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40668f888087aa7cb778c9912fdab089b8ae86c1497939ec6d6dd6d77397b5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 104ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=phogoldenpalace.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 121ms
41ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=phogoldenpalace.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08F4 75 KB
30 KB 842ms
841ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&h=90&slotname=8601752783&adk=3580464272&adf=2462321245&pi=t.ma~as.8601752783&w=728&lmt=1663041744&format=728x90&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&wgl=1&dt=1678165117659&bpp=4&bdt=203&idt=139&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5009975289007&frm=20&pv=2&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zBYQ9JaMEx&p=http%3A//phogoldenpalace.com&dtd=163

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03cda1c0672296d4ed1b8a6ed8e46325bc023b83627d7a9c53f796e3bf76a3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://phogoldenpalace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 04:58:38 GMT
expires: Tue, 07 Mar 2023 04:58:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 50ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=phogoldenpalace.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 51ms
44ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=phogoldenpalace.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AB4 0
19 B 22ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&adk=1812271804&adf=3025194257&lmt=1663041744&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&ea=0&pra=7&wgl=1&dt=1678165118014&bpp=6&bdt=558&idt=7&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd741c897552fd463-22ddfe2c47dd0092%3AT%3D1678165117%3ART%3D1678165117%3AS%3DALNI_MYM1nEvdWO7brxTDNm3I70U2PAHPA&gpic=UID%3D00000bc1288465cb%3AT%3D1678165117%3ART%3D1678165117%3AS%3DALNI_Ma1OMGqCxvwwkuhPaXFzbL_oz3xfw&prev_fmts=728x90&nras=1&correlator=5009975289007&frm=20&pv=1&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=53

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://phogoldenpalace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 04:58:38 GMT
expires: Tue, 07 Mar 2023 04:58:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11820534292120310492
tpc.googlesyndication.com/simgad/ Frame 08F4 36 KB
36 KB 104ms
42ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11820534292120310492?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmPa-z81EcDnadPu8YM0Fw8jVQAxw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&h=90&slotname=8601752783&adk=3580464272&adf=2462321245&pi=t.ma~as.8601752783&w=728&lmt=1663041744&format=728x90&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&wgl=1&dt=1678165117659&bpp=4&bdt=203&idt=139&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5009975289007&frm=20&pv=2&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zBYQ9JaMEx&p=http%3A//phogoldenpalace.com&dtd=163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cfefed6409472158d95a975ef34c501d33229bd63fdc17718da9fe7454b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:42:09 GMT
x-content-type-options: nosniff
age: 389789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36959
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:09:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 16:42:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 08F4 22 KB
9 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 19:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 19:44:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 08F4 3 KB
1 KB 82ms
26ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 20:44:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 08F4 20 KB
8 KB 79ms
23ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 20:44:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08F4 158 KB
49 KB 145ms
83ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49547
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678106210411282"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 04:58:38 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 08F4 33 KB
14 KB 83ms
27ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 23:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Mar 2023 23:00:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 08F4 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COwKIfcQGZJeZM5X3-gag86_QDL2pkaxum63Uh8sQzbT8ppIOEAEgrum1IWCV4pCCoAegAYbdlKECyAECqAMByAPJBKoE6AFP0HauBvxjnH3hVMV-neqK7lu5dq0ilrWHBvqGDqkEAoYMyRiYQe0xHIkxv0plw_xINQP-6nCjdlfQHEB_lkKpdBy0a5HRGz95193kGXmHFCv6Sj69t3_NmHRQbB_v6EpgJ-D3KH5AbkZyiFG1KyCVMUn5V4VK_dExFchisO4POC2SLORETKecETAYqt9-AbWxXGVSq-EP09hOCKBA0PLVr551Um0w3m1uhqUd0QjFo1jFQhkzAQ0tX8BBW9dN9QVze4TKgDyX4vllPbBbklSaPNxfiuPnVt0YtoNkv9iteWiKOfIeRY9HwASy54GHgQSSBQQIBBgBkgUECAUYBKAGAoAHmJiE4AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_gBzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi05NzM0ODg3ODI0ODU3MDY3GAA&sigh=ePBgJsTPRmY&uach_m=[UACH]&cid=CAQSGwDUE5ympb2yi1bG4vbQaBZT1DDpYCO-ajE_HBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&h=90&slotname=8601752783&adk=3580464272&adf=2462321245&pi=t.ma~as.8601752783&w=728&lmt=1663041744&format=728x90&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&wgl=1&dt=1678165117659&bpp=4&bdt=203&idt=139&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5009975289007&frm=20&pv=2&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zBYQ9JaMEx&p=http%3A//phogoldenpalace.com&dtd=163
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 07 Mar 2023 04:58:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Mar 2023 04:58:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 786D 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9734887824857067&output=html&h=90&slotname=8601752783&adk=3580464272&adf=2462321245&pi=t.ma~as.8601752783&w=728&lmt=1663041744&format=728x90&url=http%3A%2F%2Fphogoldenpalace.com%2Fthedeliat601%2F&wgl=1&dt=1678165117659&bpp=4&bdt=203&idt=139&shv=r20230302&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&correlator=5009975289007&frm=20&pv=2&ga_vid=1135164231.1678165118&ga_sid=1678165118&ga_hid=619928390&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759927%2C44759876%2C31071756%2C31072649%2C31072792&oid=2&pvsid=1975196217478902&tmod=919728939&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zBYQ9JaMEx&p=http%3A//phogoldenpalace.com&dtd=163
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 04:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 08F4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37577415cd63e3ae9ec20e5e86fe2ec942f3761288b98783ed67523affff2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 786D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 04:58:38 GMT
expires: Tue, 07 Mar 2023 04:58:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 04:58:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 100ms
53ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230302&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8868fdb33c2a524119e4172b6abed845c5818acebba156e67157a5870465a4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11223
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame BAD6 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 16:54:25 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 120ms
120ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 04:58:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9878 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://phogoldenpalace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 20:43:58 GMT
expires: Tue, 05 Mar 2024 20:43:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45AB 783 B
966 B 34ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f6caccae889faf8904a03c225877e72ba50f33bb55cb80f457eaaa34bb22ddd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-neuOl6C--_tJv-KOk7PiaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://phogoldenpalace.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-neuOl6C--_tJv-KOk7PiaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Mar 2023 04:58:39 GMT
expires: Tue, 07 Mar 2023 04:58:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9878 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 16:54:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45AB 0
0 54ms
54ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230302&jk=1975196217478902&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9878 0
10 B 19ms
19ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L5o5iA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 04:58:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230302&jk=1975196217478902&bg=!Li2lLXnNAAbv3-2Ez987ADkAdvg8WrTUjg87hgSjxMenkzm4QwVzt_joWPkbmlkxA0NcpLHDivJS8pzL4gkHrftFnhYXglw6BP8CAAAAVFIAAAADaAEHmQKoLbTH2fY1s9VkJHXmDTvMHARZYpQovl6IhXLyM1phZ3mWicvhGxa5XY7CiCsH32kwSYv6gHr6UtFSnbN9vKRYaCz25AcJpbetD4soSUUZkzZwwlpo7pPiROd0BAaRHvLGjLMI8t-nfjG5Bw7nDtNfDTtw2oby_MJpGbF0rQPhNONmnNe3GJtVEcVHiMXdF2amGjdFmWTa9DF6cMSSauz66sLRbR8voEwWSpZL5kgs8zUMrY5i0Vk2U7OSFb3gibABeC07E6suz65IhhHqwXWQKdhCJTBT513-UHDnFy_SzldJtd9XO_L4dhqsKK_4ooRhYg9YwAhIBVFgSfYbpt0pOzWAsXaJpUON0aBV-zrbH6bjdvqZobDmdJptM8alTEXr-EEXle5ejxwxKj0azG92oiE0iBCDc0yreZlLSquu0IOHzoeqKFRhuKaCo6b_WS7ks-6Wif0AEV6qRp-aeW1MFFo66mRn3FRUOLr6Q2dE69xdePbWrDTEMSHJIi55hl70Jo6RaD0v3l9mVwbUrNsz9_l224gX5jg2KGrImzLcJ_KRJ8QxNpXPVaUTcPfxhtRtI8-dJfF5ErdZBnJk24aurRn0b_GsKj8XhUug-CN4-Dr4Ruijc3s5y8szi7HyGSsUFBthuAAJvRPTYHYF1LeJQmsErVmzw-BjLbfbVZb_PlfoAQNOqgrpNGy4kM48Xk-Bys7Idz55MgANcZFOHkRQ9cylCkFUES9wOHEne1YXXQWVWvdo_Y7DjLPvzYoL2n0Dwe6i5X7M-4BFtBRGGfdMWB7vhENfN3dhIHFSE__XTOc9YGfrv2Zotnd-whPiFv62DVzAP0di9rMIt7Z_qk_VGROSDX7BrEbtk-MVpiNsuGMtxgYOndtfmPpIQa1uH1BPsnAJrLjQLEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://phogoldenpalace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08F4 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst057JzQTokno4NX44sxZj4RV95u-681ovIc94FEn3vagGCzxAHTCB1BxOvBagT3VOOAcXi1r1LciJrY3SixLdyVUAVK0LoVs2b1YkZNKgY-AV_U541oTY8T4oS5bsSbtjz4uQCag&sai=AMfl-YRFHGAi3-knE2VGH2HVMU94NA2py-tpHoYRqh7sh2s5Fm2iETou7vom2Sx9hQAWoUX_VECCyL0nhKBz&sig=Cg0ArKJSzJo9hItYk7NWEAE&cid=CAQSGwDUE5ympb2yi1bG4vbQaBZT1DDpYCO-ajE_HBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3580464272&rs=2&la=0&cr=0&vs=4&r=v&rst=1678165117824&rpt=1078&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Mar 2023 04:58:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phogoldenpalace.com/	1970-01-20 19:45:25	Name: sc_is_visitor_unique Value: rx12526290.1678165118.7234963513504FE50A9AA7885832B7EF.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-20 19:45:25	Name: is_unique Value: sc12526290.1678165117.0
.statcounter.com/	1970-01-20 19:45:25	Name: is_visitor_unique Value: 1678165117256155360
.phogoldenpalace.com/	1970-01-20 19:31:01	Name: __gads Value: ID=d741c897552fd463-22ddfe2c47dd0092:T=1678165117:RT=1678165117:S=ALNI_MYM1nEvdWO7brxTDNm3I70U2PAHPA
.phogoldenpalace.com/	1970-01-20 19:31:01	Name: __gpi Value: UID=00000bc1288465cb:T=1678165117:RT=1678165117:S=ALNI_Ma1OMGqCxvwwkuhPaXFzbL_oz3xfw
.doubleclick.net/	1970-01-20 19:31:01	Name: IDE Value: AHWqTUl_mKI67Q92UHsLfPbsDOap1NzpBJzula97qqP0aokZU4eiaKR7GBiuwcpqiNE
.doubleclick.net/	1970-01-20 10:09:28	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.statcounter.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
phogoldenpalace.com
thedeliat601.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.statcounter.com
104.20.218.77
198.252.98.66
198.38.91.55
2a00:1450:4001:802::2002
2a00:1450:4001:831::2004
2a00:1450:400d:802::2002
2a00:1450:400d:807::2001
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
03cda1c0672296d4ed1b8a6ed8e46325bc023b83627d7a9c53f796e3bf76a3a5
0a85739782da5be183fda88516e6f39eeeb4fc042c46d13f1efa498f8ffbc988
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
40668f888087aa7cb778c9912fdab089b8ae86c1497939ec6d6dd6d77397b5cc
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259
50a182c129ba542d8e71b69e5710893c94965dd03590428bf7ed307a93d45f09
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
674261adf646c9b2a0eef6a05950e4460fe12c06e4864d235d9df07330eaf2fd
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
863cd492b5b90e6518292dd9684fa54a5485d361a229b81a85cfc08de6ce899f
8868fdb33c2a524119e4172b6abed845c5818acebba156e67157a5870465a4ce
8f1230f73232b38895fc3d73cd00ec6834e1e83f702bc3d48becf76967d3fc9a
9f6caccae889faf8904a03c225877e72ba50f33bb55cb80f457eaaa34bb22ddd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5853b65750013c11a408b1c799ecde3781424569704a0f7c70fff2acd1370c2
a5b93f3e66ffda87fab4b553ce103e1f0627a0676443fd8b0413e6ca8c98b73b
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
b3a62dfe15a8e53bbb3cdc966605dd5dd2c26314c77674a16cfa7c8b53aedfed
bc2fa6f1c31c7933104d40becbd80788082d4af8acc0f21614ecfc5e2249af1c
c37577415cd63e3ae9ec20e5e86fe2ec942f3761288b98783ed67523affff2c9
c44d74e6968fccb5562a352785a577c8c2272ee13e943f6ebe24baec31cda4eb
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
e0570935341d778d3c2b5bdf66a75c3680dad35f1b218af1f27ff6654b722d05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e55afec4a2b29f66c7779d97a12321310839d618b96e41575106e8f31b27682f
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cfefed6409472158d95a975ef34c501d33229bd63fdc17718da9fe7454b567
feb7ed4fc4eb8f3aa1a13f2b0846a5924c09f728be4be9836c6a9e1803784e6b

phogoldenpalace.com Open in urlscan Pro 198.252.98.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

74 %HTTPS

70 %IPv6

9 Domains

12 Subdomains

10 IPs

4 Countries

832 kBTransfer

1567 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

phogoldenpalace.com Open in urlscan Pro
198.252.98.66 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

74 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

10
IPs

4
Countries

832 kB
Transfer

1567 kB
Size

7
Cookies

42 HTTP transactions
1 data transactions